Tessa88 was relatively unknown until April 2016 when she first claimed in two different hacker forums that she had a huge database for sale. She claimed to be in possession of millions of usernames and passwords to log in to sites like MySpace, DropBox, Instagram, VK (the Russian counterpart to Facebook), as well as a number of others. Tessa88 was willing to sell the huge data chest for a few hundred dollars. Though she never mentioned her gender, one of her profile on the hacker forums suggests she is a girl. The database she was selling contained legitimate user ids and passwords according to LeakedSource. LeakedSource researchers verified both the MySpace and VK dumps, both from Tessa88, and integrated them into their databases. That’s the usernames and passwords for at least 11 million and 100 million users, respectively. Apparently Tessa88 isnt working alone. Another hacker called Peace also leaked a similar data base of MySpace and LinkedIn users. All of the aforementioned hacks are believed to have happened several years ago and it is unclear what individual or individuals are actually responsible for the hacks themselves. In a Jabber conversation with Vocativ, Tessa88 said that she was in possession of a vast quantity of hacked databases, including Facebook, Instagram, the dating sites Cupid and Badoo, and popular eastern European social network site OK.ru. She declined to immediately elaborate where she got those logins, though, saying she was driving a car. She also requested 1 bitcoin as collateral for the information, which Vocativ was unwilling to provide. Apparently, Tessa88 has much to sell. Tessa88 had noted on a hacker forum that she had 380 million MySpace and 137 million VK accounts for sale. In addition Tessa88 provided a data set containing over 32 million Twitter user credentials to security research group LeakedSource today. LeakedSource said that it is unlikely that Twitter was hacked and the login details may have been gained from malware infections. Tessa88 exploits have just began.
